In network access authentication, a network side authenticates a communication node (terminal apparatus) so as to connect only an authentic communication node to the network. On the other hand, the communication node side authenticates the network so as to be connected to only the authentic network. To the communication node, network access authentication of which has succeeded, a network access authentication server distributes an encryption key used by an application, that used in a link layer, and the like.
RFC6345 specifies the authentication relay specifications which intervene authentication processing between an authentication client and authentication server.